this post was submitted on 19 May 2026
84 points (97.7% liked)

Privacy

4538 readers
464 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
84
"The Quiet Renovation at Bitwarden" (it isn't good) (blog.ppb1701.com)
submitted 1 day ago by cm0002@infosec.pub to c/privacy@programming.dev
16 comments fedilink hide all child comments
top 16 comments
sorted by: hot top controversial new old
[–] SinTan1729@programming.dev 5 points 23 hours ago

I hope that there'll be community forks of the bitwarden frontend apps just like there's vaultwarden for the server.

[–] obvs@lemmy.world 7 points 1 day ago

It's not safe to use U.S.-based companies for security.

[–] defaultusername@lemmy.dbzer0.com 19 points 1 day ago (1 children)

I deleted my Bitwarden account a few days ago and switched to KeePassXC (and DX) and Syncthing.

[–] rants_unnecessarily@piefed.social 12 points 1 day ago

I just knocked from gmail to proton, so I guess this gives me reason to switch to the included password vault.

It's a shame I only recently got the rest of the family to begin using bitwarden, so it'll be a bit of a shock to them.

[–] suicidaleggroll@lemmy.world 15 points 1 day ago (1 children)

The "always free" banner is back on the website, FWIW

[–] lka1988@lemmy.dbzer0.com 7 points 17 hours ago

It was a scream test. It always is.

[–] splendid9583@kbin.earth 12 points 1 day ago

https://www.privacyguides.org/en/passwords/

[–] AssaultPepper@monero.town 10 points 1 day ago (1 children)

Rough getting the whole family on Bitwarden only for them to rug pull what made it good.

I'll be keeping an eye on forks I guess.

[–] brian@programming.dev 9 points 1 day ago (1 children)

vaultwarden is already reasonably mature for server

[–] AssaultPepper@monero.town 2 points 20 hours ago

I've heard good things, issues would mainly pertain to somehow walking non-technical family members through setup.

As well given I don't have a security background I try to keep my self hosted stuff to non-critical items. Plex going down matters less than "I can't login to my bank account because the optiplex decided to die while I'm in the office".

Albeit knowing how locked in many users are made it a great target for PE so should've seen that coming.

[–] Dialectical_Specialist@quokk.au 8 points 1 day ago (1 children)

How will we know when to jump ship and is it already now?

[–] onlinepersona@programming.dev 11 points 1 day ago (1 children)

Jump now, before it enshittifies. Start looking for alternatives otherwise they might do something like disable exports. Then you'll have a really hard time switching.

[–] Dialectical_Specialist@quokk.au 5 points 22 hours ago (1 children)

Disabling exports seems unprecedentedly extreme. I see little to gain from such lock-in even in a financial sense

[–] onlinepersona@programming.dev -1 points 19 hours ago

Tell CrApple that lock-in has little financial gain.

[–] robbo@programming.dev 1 points 1 day ago

I went through a process of programs for this. I can't remember what was first but I used lastpass for a while... it never felt good and even just meant all websites had an error in the console. Then I used bitwarden for a long time and I can't remember why but I think it just got worse or annoying. Then using 1password was just so much better, maybe I just tested it and realised how bad bitwarden was. Been on it since. Because I use it for work too (out of choice, but want to get it as a company wide thing) I will stay with it for good. But if I didn't do it like that I think I'd just commit to everything being proton.